Email Hack Attack? Be Sure to Notify Brokerage Firms and Other Financial Institutions
Anyone who has experienced an email account intrusion or “hacking” knows how frustrating it can be to deal with the aftermath—from telling friends in milder cases that you didn’t send the flurry of bogus emails they received to regaining access to a blocked account. In the most serious cases, a compromised email account can lead not only to identity theft, but also to theft of your money. That’s why one of the most important first steps you should take if your email account has been hacked is to notify your brokerage firm and other financial institutions.
FINRA has received an increasing number of reports involving investor funds being stolen by fraudsters who first gain access to the investor’s email account and then email instructions to the firm to transfer money out of the brokerage account. In addition to issuing a Regulatory Notice to firms, we are issuing this Alert to warn investors about the potential financial consequences of a compromised email account and to provide tips for safeguarding your assets.
How Cons Use Compromised Email Accounts to Wire Money Out of Accounts
The Federal Bureau of Investigation (FBI), Financial Services Information Sharing and Analysis Center (FS-ISAC) and Internet Crime Complaint Center (I3C) recently issued a joint fraud alert describing a similar trend in which hacked email accounts are being used to facilitate wire transfers. These frauds tend to follow a typical pattern. For example, in some of the instances FINRA has seen, the perpetrators appear to have obtained the investor’s brokerage information by accessing the investor’s email account and searching contact lists or emails in the “sent” folder. The fraudster then typically sends an email to the investor’s broker or brokerage firm (using the investor’s personal email account) with instructions to wire funds to a third-party account, often overseas. The instructions may be accompanied or followed by a fraudulent letter of authorization, which also is emailed from the compromised email account.
In some instances, firms have released funds after unsuccessfully attempting to verify emailed instructions by phone. In at least one case, the fraudulent email stressed the urgency of the requested transfer, pressuring the brokerage firm to release the funds before verifying the authenticity of the emailed instructions. As the FBI/FS-ISAC/I3C alert notes, these fraudsters can be quite creative and persuasive with their excuses, fabricating tales of woe involving a death in the family or some grave illness that keeps the investor from contacting the firm via phone or whatever channels the investor ordinarily uses, while seeking the expedited transfer of assets.
How to Spot a Hack Job
Tell-tale signs that you’ve been the victim of an email account intrusion include reports of spam from people in your “contacts” folder or a slew of “bounced” email messages from people you don’t know. You might find that your password or other account settings have been changed—or that your email provider has blocked you from accessing your account. For information on staying safe online, visit the Federal Trade Commission’s Identity Theft and Data Security website as well as I3C at ic3.gov.
What to Do if Your Email Account Gets Hacked
If your email account gets hacked—or if for any reason you think that your personal financial information has been stolen—immediately contact your brokerage firm and other financial institutions, including credit card issuers, to notify them of the problem. You should also notify the credit bureaus to put a fraud alert on your file.
Check your brokerage account for unauthorized transactions—especially withdrawals or wire transfers to an account that is not yours—and ask the firm to investigate if you find any. It will take time to determine what happened, and the firm will likely need your help in identifying anyone who might have access to your account.
In the meantime, be sure to change your username, password and PIN for your financial accounts—and also change your password to your email account. For additional tips on staying safe online, read our alert, Keeping Your Account Secure: Tips for Protecting Your Financial Information. One of the best defenses against hacking is having a subscription to antivirus software that is installed, active and kept up to date.
If a Problem Occurs
If you believe you have been defrauded, please send us a written complaint. And if you suspect that someone you know has been taken in by a scam, be sure to give us that tip. Here's how:
Mail or Fax:
FINRA Complaints and Tips
9509 Key West Avenue
Rockville, MD 20850
Fax: (866) 397-3290
- FINRA Regulatory Notice 12-05, Verification of Emailed Instructions to Transmit or Withdraw Assets From Customer Accounts
- FINRA and SIFMA Investor Alert, Keeping Your Account Secure: Tips for Protecting Your Financial Information
- FINRA Investor Alert, "Phishing" and Other Online Identity Theft Scams: Don't Take the Bait